On Tuesday, Apple unveiled an update to its forthcoming macOS Sequoia, introducing heightened restrictions that make circumventing Gatekeeper defenses more challenging for users.
Gatekeeper serves as a pivotal bulwark within macOS, ensuring that only sanctioned applications are permitted to operate within the ecosystem. When software is sourced from outside the App Store and executed for the inaugural time, Gatekeeper ascertains that the application originates from a verified developer.
In addition, it conducts verifications to confirm that the app is properly notarized and free from any tampering that could result in malware infiltration on macOS devices. This mechanism also necessitates explicit user consent before any third-party application is authorized to execute.
It is this very consent protocol that Apple has now further reinforced with the advent of macOS Sequoia, the latest iteration of the Mac operating system, anticipated for release next month.
“In macOS Sequoia, the ability for users to bypass Gatekeeper by employing a Control-click to open software that lacks proper signing or notarization will no longer be available,” Apple disclosed.
“Instead, they will be required to navigate to System Settings > Privacy & Security to scrutinize security details of the software before granting permission for its execution.”
This strategic enhancement is perceived as a countermeasure against stealer malware and backdoor intrusions that typically target macOS, often masquerading as unsigned software and luring users into sidestepping Gatekeeper’s safeguards.
In July 2023, cyber adversaries from North Korea were detected disseminating an unsigned DMG (disk image) file under the guise of a legitimate video conferencing service known as MiroTalk. This malicious entity activated its pernicious payload after victims Control-clicked and selected “Open,” disregarding Apple’s security warnings.
4o
